ENISA’s Ad-Hoc Working Group on Cyber Threat Landscapes

I am honored to have been appointed as one of the 18 expert members of the European Union Agency for Cybersecurity (ENISA) Ad-hoc Working Group on Cyber Threat Landscapes. The group will offer assistance and expertise in designing, updating, and reviewing CTI methodologies, including the annual ENISA Threat Landscape Report. I am looking forward to working with the rest of the Working Group’s members as well as with ENISA people.


Top 25 CTI Presos for 2020 (pandemic version)

Hey folks! 2020 was a year to remember mostly because of non-CTI related stuff. Every year I write a blog post about my top CTI presentations but this time I am a little bit late (aren’t we still in 2020 mode in any case?).

Due to the pandemic, we had the opportunity to participate in many online conferences/summits and watch lots of presentations. See below (in random order) the CTI presentations that I enjoyed most, that taught me something I applied to my day-to-day work, and that gave me insights into cyber threats and CTI practices.

Hopefully this year we will have more F2F conferences and interaction. Enjoy and stay safe!


CrySyS Lab Analysis on NSA’s Territorial Dispute

CrySyS Lab has provided a great document with its analysis of the NSA’s perspective on the APT landscape. The analysis is based on the Shadow Brokers leak (the “Lost in Translation” leak) and, more specifically, on the module called “Territorial Dispute”. The purpose of this module is to detect the presence of competing state intelligence services. The NSA wanted to secure its operations, avoid any conflict among the “Five Eyes” group, and get intelligence on the targets of the competing state intelligence services.

See below some interesting points related to the analysis done by CrySyS Lab:
